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DETAILED ACTION 

1 . This action is responsive to communications: application, filed 8/18/2003; 
amendment filed 1 1/5/2007. 

2. Claims 1-11 are pending in the case. Claim 11 is new. 

Information Disclosure Statement PTO-1449 

3. The Information Disclosure Statements submitted by applicant on 6/18/2007 
have been considered. Please see attached PTO-1449. 

Response to Arguments 

4. Applicant argues that in the present invention, when using IPSec protocol, even if 
the TCP or UDP header is encrypted, the filter key is removed from the coverage of 
encryption. However, claim limitations do not include IPSec protocol, or encrypted TCP 
or UDP headers. 

In addition, the exact meaning of the phrase "said filtering information being immune 
from encryption" is not understood. The Specification does not include the word 
"immune". It is understood that the Specification points out that IPv6 extended header is 
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used to transmit Filter key FK, and therefore the Filter key is not encrypted. However, 
stating that "filtering information is immune to encryption" does not clearly identify the 
meets and bounds of the claimed invention, especially since there is no description of it 
in the Specification. 

Furthermore, as noted in the new grounds of rejection, keeping a particular piece of 
data from being affected by encryption was well known in the art, especially if it is 
performed by simply excluding the particular piece of data from the data that is to be 
encrypted. Note also that use of IPv6 extended header to transmit metadata or other 
parameters associated with the transmitted data was well known in the art at the time of 
invention. 

Accordingly, applicant's argument regarding allowability of claims 1-11 is found non 
persuasive. 

Claim Rejections - 35 USC §112 

5. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

6. Claims 1-11 rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 
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6.1 . Where applicant acts as his or her own lexicographer to specifically define a term 
of a claim contrary to its ordinary meaning, the written description must clearly redefine 
the claim term and set forth the uncommon definition so as to put one reasonably skilled 
in the art on notice that the applicant intended to so redefine that claim term. Process 
Control Corp. v. HydReclaim Corp., 190 F.3d 1350, 1357, 52 USPQ2d 1029, 1033 (Fed. 
Cir. 1999). The term " immune from encryption" in claims 1-11 is used by the claim to 
mean "not encrypted". The term is indefinite because the specification does not clearly 
redefine the term. 

7. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

8. Claims 1-11 rejected under 35 U.S.C. 112, first paragraph, as failing to comply 
with the written description requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to reasonably convey to one 
skilled in the relevant art that the inventor(s), at the time the application was filed, had 
possession of the claimed invention. The term "immune from encryption" is not 
described in the Specification. 



Claim Rejections - 35 USC § 103 
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9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. Claims 1-10 rejected under 35 U.S.C. 103(a) as being unpatentable over Arrow 
et al. (US Patent No. 6'154'839, dated Nov. 28, 2000). 

10.1. As per claim 1, Arrow is directed to a packet filtering method characterized by 
storing filtering information for use in filtering at a receiving side in a packet to be sent to 
the receiving side and sending it from a sending side (col. 6 lines 46-60 shows the 
encryption and authentication information is added to a packet at sending side, and 
verified at the receiving side), wherein the filtering information is stored in an Ipv6 
extended header added to an Ipv6 header or in a flow label region in an Ipv6 header, 
when the packet is a packet in compliance with Ipv6 (Fig. 8 and associated text shows 
the filtering data is placed in the address field of a packet. Address field of packets, 
such as IP packets are in the packet header. Column 6 lines 21-35 teach IP packets as 
examples for implementation of invention. It also explicitly teaches to use the technique 
regardless of the current version of IP protocol (col. 6 lines 30-35), which was Ipv6 at 
the time of invention. Examiner asserts that Ipv6 was well known at the time of 
invention, and takes the official notice that it would have been obvious to use Arrow's 
technique in Ipv6 packets, and put the authentication information (filtering information) 
in extended header or flow label region. Note that IP routers recognize Ipv6 packets), 
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said filtering information being immune from encryption to allow packet filtering 
(Examiner takes the Official Notice that removing a particular portion of data from the 
process of encryption to be applied to data, and rendering the particular portion of data 
in clear text was well known at the time of invention. Therefore, it would have been 
obvious to the one skilled in art to exclude the particular portion of data from being 
encrypted. The motivation to keep a particular portion of data from being encrypted is to 
avoid having to obtain a key to decrypt the particular portion of data and also avoid the 
resource consuming process of decryption when the particular portion of data does not 
need protection, and needs to be accessible quickly). 

10.2. As per claim 2, Arrow is directed to a packet filtering method characterized by, 
receiving a packet at the receiving side, from a sending side, detecting filtering 
information stored in that packet (see response to claim 1), holding predetermined 
filtering information of the receiving side, comparing filtering information of the sending 
side detected from the packet with the filtering information of the receiving side, and, 
when the two do not match, discarding that packet (for example, col. 8, lines 4-23, or 
col. 6, lines 45-60), wherein the filtering information is stored in an Ipv6 extended 
header added to an Ipv6 header or in a flow label region in an Ipv6 header, when the 
packet is a packet in compliance with Ipv6, said filtering information being immune from 
encryption to allow packet filtering (see response to claim 1). 
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10.3. As per claim 3, Arrow is directed to a communication equipment at a packet 
sending side including a function unit for achieving a packet filtering, said 
communication equipment characterized by having at least: a setting unit for setting 
freely determined filtering information, a filter key holding unit for holding the filtering 
information input by the setting unit as a filter key, and a filter key storing function unit 
for receiving as input the held filter key and storing the filter key in a header portion of a 
packet (see response to claims 1. The functionality and hardware required to hold the 
filter keys and storing them is inherent to Arrow's system), wherein the filtering 
information is stored in an Ipv6 extended header added to an Ipv6 header or in a flow 
label region in an Ipv6 header, when the packet is a packet in compliance with Ipv6, 
said filtering information being immune from encryption to allow packet filtering (see 
response to claim 1). 

10.4. As per claim 4, Arrow is directed to a communication equipment of a packet 
receiving side including a function unit for packet filtering, said communication 
equipment characterized by being provided with: a filter key detecting unit for receiving 
a packet sent from a sending side while storing information as a filter key in a header 
portion of the packet and detecting the filter key from the header portion and a 
comparing function unit for comparing a filter key of a sending side detected by the filter 
key detecting unit with a filter key of the receiving side held in advance, determining if 
the two do not match, and, when they do not match, discarding the received packet (see 
response to claim 3), wherein the filtering information is stored in an Ipv6 extended 
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header added to an Ipv6 header or in a flow label region in an Ipv6 header, when the 
packet is a packet in compliance with Ipv6, said filtering information being immune from 
encryption to allow packet filtering (see response to claim 1). 

10.5. As per claim 5, Arrow is directed to a communication equipment as set forth in 
claim 4, characterized in that: the equipment is provided with a buffer for temporarily 
storing a received packet passing through the filter key detecting unit and in that the 
comparing function unit is comprised of: a filter key table holding a predetermined 
plurality of different filter keys (col. 7, lines 40-55), a search unit for searching if there is 
a filter key matching with a filter key detected by the filter key detecting unit 

in the filter key table and when there is none, outputting a discard command, 

and a buffer control unit for receiving the discard command and controlling the system 

so as to discard the packet stored in the buffer (see response to claim 3). 

10.6. As per claim 6, Arrow is directed to an authentication apparatus having: a filtering 
authentication function unit for receiving user authentication information input from a 
user receiving a filtering service and authenticating the user (col. 7 lines 30-40) and a 
filter key providing function unit for assigning and distributing a filter key as filtering 
information to be stored in packet corresponding to the user authentication information 
to the user after the authentication at the filtering authentication function unit (Arrow's 
claim 4), wherein the filtering information is stored in an Ipv6 extended header added to 
an Ipv6 header or in a flow label region in an Ipv6 header, when the packet is a packet 
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in compliance with Ipv6, said filtering information being immune from encryption to allow 
packet filtering (see response to claim 1). 

10.7. Limitations of claims 7-1 1 are substantially the same as limitations of claims 1-6 
above. Note that per col. 12 lines 20-35, the user is authenticated in advance and have 
received proper authentication information to include in the packet user ID field. This 
authentication information is used by the firewall to authenticate user's packet. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Farid Homayounmehr whose telephone number is 571 
272 3739. The examiner can normally be reached on 9 hrs Mon-Fri, off Monday 
biweekly. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
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have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 



Farid Homayounmehr 

Examiner - _. , 

GILBERTO BARRON Jtf, 
Art Unit: 21 32 SUPERVISORY PATCNT EXAMINER 

TECHNOLOGY CENTER 2100 



